CWE-611
AllowedImproper Restriction of XML External Entity Reference
Abstraction: Base · Status: Draft
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1691 vulnerabilities reference this CWE, most recent first.
GHSA-26WP-CF2X-V6XH
Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 176607.
{
"affected": [],
"aliases": [
"CVE-2020-4300"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-01T14:15:00Z",
"severity": "HIGH"
},
"details": "IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 176607.",
"id": "GHSA-26wp-cf2x-v6xh",
"modified": "2022-05-24T19:03:47Z",
"published": "2022-05-24T19:03:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-4300"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/176607"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210622-0004"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6451705"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-274C-RX2J-2V3X
Vulnerability from github – Published: 2023-01-18 18:30 – Updated: 2025-04-04 19:35An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "swift"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.28.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "swift"
},
"ranges": [
{
"events": [
{
"introduced": "2.29.0"
},
{
"fixed": "2.29.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "swift"
},
"ranges": [
{
"events": [
{
"introduced": "2.30.0"
},
{
"fixed": "2.30.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.30.0"
]
}
],
"aliases": [
"CVE-2022-47950"
],
"database_specific": {
"cwe_ids": [
"CWE-552",
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-14T21:30:33Z",
"nvd_published_at": "2023-01-18T17:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).",
"id": "GHSA-274c-rx2j-2v3x",
"modified": "2025-04-04T19:35:40Z",
"published": "2023-01-18T18:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47950"
},
{
"type": "WEB",
"url": "https://github.com/openstack/swift/commit/12e54391861e7d182d58f89fb88b027e65842640"
},
{
"type": "WEB",
"url": "https://github.com/openstack/swift/commit/7d13d1a82e1f5d01205a13184907501b4fcbe2b0"
},
{
"type": "WEB",
"url": "https://github.com/openstack/swift/commit/8dd96470a859dc7b189404fb67bd3899ae9c617f"
},
{
"type": "WEB",
"url": "https://github.com/openstack/swift/commit/b8467e190f6fc67fd8fb6a8c5e32b2aa6a10fd8e"
},
{
"type": "WEB",
"url": "https://github.com/openstack/swift/commit/baa98848451b5c234443a068691e12841a5a8383"
},
{
"type": "WEB",
"url": "https://github.com/openstack/swift/commit/c834e7a53d5a33a3fd13ffd954e6f4f4ee953dfc"
},
{
"type": "WEB",
"url": "https://github.com/openstack/swift/commit/d8d04ef43c90079d436b2e49617b4425ba39c28e"
},
{
"type": "WEB",
"url": "https://github.com/openstack/swift/commit/f10672514217adadfc776d9ea2ffb20a37ce073b"
},
{
"type": "PACKAGE",
"url": "https://github.com/openstack/swift"
},
{
"type": "WEB",
"url": "https://launchpad.net/bugs/1998625"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00021.html"
},
{
"type": "WEB",
"url": "https://security.openstack.org/ossa/OSSA-2023-001.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5327"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "OpenStack Swift XML external entities (XXE) Injection"
}
GHSA-27FC-MJRP-6G7X
Vulnerability from github – Published: 2025-12-03 21:31 – Updated: 2025-12-05 21:30XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.
{
"affected": [],
"aliases": [
"CVE-2025-65868"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-03T21:15:52Z",
"severity": "CRITICAL"
},
"details": "XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.",
"id": "GHSA-27fc-mjrp-6g7x",
"modified": "2025-12-05T21:30:22Z",
"published": "2025-12-03T21:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65868"
},
{
"type": "WEB",
"url": "https://github.com/weng-xianhu/eyoucms/issues/66"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-27J2-C838-C3QG
Vulnerability from github – Published: 2022-05-13 01:12 – Updated: 2023-08-15 22:20mod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with a manifest file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue affecting IMSCP resources and the IMSCC format.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "moodle/moodle"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.6.3"
},
"package": {
"ecosystem": "Packagist",
"name": "moodle/moodle"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.5.6"
},
"package": {
"ecosystem": "Packagist",
"name": "moodle/moodle"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.4.10"
},
"package": {
"ecosystem": "Packagist",
"name": "moodle/moodle"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-3543"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2023-08-15T22:20:28Z",
"nvd_published_at": "2014-07-29T11:10:00Z",
"severity": "MODERATE"
},
"details": "`mod/imscp/locallib.php` in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with a manifest file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue affecting IMSCP resources and the IMSCC format.",
"id": "GHSA-27j2-c838-c3qg",
"modified": "2023-08-15T22:20:28Z",
"published": "2022-05-13T01:12:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3543"
},
{
"type": "WEB",
"url": "https://github.com/moodle/moodle/commit/595ef4772d330a20c757635ab090acdcc9b2a2fa"
},
{
"type": "WEB",
"url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=595ef4772d330a20c757635ab090acdcc9b2a2fa"
},
{
"type": "PACKAGE",
"url": "https://github.com/moodle/moodle"
},
{
"type": "WEB",
"url": "https://moodle.org/mod/forum/discuss.php?d=264264"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2014/07/21/1"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Moodle Arbitrary File Read via XML External Entity vulnerability"
}
GHSA-2853-HF2G-9843
Vulnerability from github – Published: 2022-05-14 03:00 – Updated: 2024-04-23 22:51XMLReader.php in PHPOffice Common before 0.2.9 allows XXE.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "phpoffice/common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-14065"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-23T22:51:46Z",
"nvd_published_at": "2018-07-15T15:29:00Z",
"severity": "CRITICAL"
},
"details": "`XMLReader.php` in PHPOffice Common before 0.2.9 allows XXE.",
"id": "GHSA-2853-hf2g-9843",
"modified": "2024-04-23T22:51:46Z",
"published": "2022-05-14T03:00:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14065"
},
{
"type": "WEB",
"url": "https://github.com/PHPOffice/PHPWord/issues/1421"
},
{
"type": "WEB",
"url": "https://github.com/PHPOffice/Common/pull/23"
},
{
"type": "PACKAGE",
"url": "https://github.com/PHPOffice/Common"
},
{
"type": "WEB",
"url": "https://github.com/PHPOffice/Common/releases/tag/0.2.9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "PHPOffice Common Improper Restriction of XML External Entity Reference"
}
GHSA-288C-CQ4H-88GQ
Vulnerability from github – Published: 2021-02-18 20:51 – Updated: 2024-03-15 00:30A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.6.7.3"
},
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.7.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.9.10.6"
},
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0.0"
},
{
"fixed": "2.9.10.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.10.5.0"
},
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "2.10.0.0"
},
{
"fixed": "2.10.5.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-25649"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2021-02-18T20:41:26Z",
"nvd_published_at": "2020-12-03T17:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"id": "GHSA-288c-cq4h-88gq",
"modified": "2024-03-15T00:30:48Z",
"published": "2021-02-18T20:51:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson-databind/commit/3d932709abd0b5390efe67451653fc9efa9db677"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb@%3Cdev.knox.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604@%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3@%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54@%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a@%3Ccommits.tomee.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22@%3Ccommits.karaf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c@%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0@%3Cdev.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cusers.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210108-0007"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402@%3Ccommits.karaf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1@%3Ccommits.karaf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3@%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd@%3Cissues.flink.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb@%3Ccommits.karaf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83@%3Ccommits.servicecomb.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1@%3Cdev.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda@%3Ccommits.druid.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb@%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386@%3Ccommits.turbine.apache.org%3E"
},
{
"type": "PACKAGE",
"url": "https://github.com/FasterXML/jackson-databind"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3@%3Cuser.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60@%3Creviews.iotdb.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8@%3Cnotifications.iotdb.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07@%3Ccommits.iotdb.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb@%3Creviews.iotdb.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cusers.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61@%3Cdev.knox.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042@%3Creviews.iotdb.apache.org%3E"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "XML External Entity (XXE) Injection in Jackson Databind"
}
GHSA-288V-W5HM-GFGR
Vulnerability from github – Published: 2022-05-14 03:37 – Updated: 2022-05-14 03:37XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.
{
"affected": [],
"aliases": [
"CVE-2016-0369"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-21T16:29:00Z",
"severity": "MODERATE"
},
"details": "XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.",
"id": "GHSA-288v-w5hm-gfgr",
"modified": "2022-05-14T03:37:05Z",
"published": "2022-05-14T03:37:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0369"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/112088"
},
{
"type": "WEB",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988727"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2898-JRC3-X665
Vulnerability from github – Published: 2022-05-13 01:32 – Updated: 2022-05-13 01:32IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150945.
{
"affected": [],
"aliases": [
"CVE-2018-1846"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-02T15:29:00Z",
"severity": "HIGH"
},
"details": "IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150945.",
"id": "GHSA-2898-jrc3-x665",
"modified": "2022-05-13T01:32:35Z",
"published": "2022-05-13T01:32:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1846"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/150945"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738075"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-28CV-G234-W9CX
Vulnerability from github – Published: 2023-04-11 12:30 – Updated: 2023-04-11 12:30A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.
{
"affected": [],
"aliases": [
"CVE-2023-28828"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-11T10:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in Polarion ALM (All versions \u003c V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.",
"id": "GHSA-28cv-g234-w9cx",
"modified": "2023-04-11T12:30:26Z",
"published": "2023-04-11T12:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28828"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632164.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-28QP-8C7M-WC33
Vulnerability from github – Published: 2022-05-04 00:27 – Updated: 2024-02-15 03:30Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
{
"affected": [],
"aliases": [
"CVE-2012-0037"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-06-17T03:41:00Z",
"severity": "MODERATE"
},
"details": "Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.",
"id": "GHSA-28qp-8c7m-wc33",
"modified": "2024-02-15T03:30:19Z",
"published": "2022-05-04T00:27:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0037"
},
{
"type": "WEB",
"url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0@%3Ccommits.openoffice.apache.org%3E"
},
{
"type": "WEB",
"url": "http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6"
},
{
"type": "WEB",
"url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48479"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48493"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48494"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48526"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48529"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48542"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48649"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/50692"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/60799"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-201209-05.xml"
},
{
"type": "WEB",
"url": "http://vsecurity.com/resources/advisory/20120324-1"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2012/dsa-2438"
},
{
"type": "WEB",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"type": "WEB",
"url": "http://www.libreoffice.org/advisories/CVE-2012-0037"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:063"
},
{
"type": "WEB",
"url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2012/03/27/4"
},
{
"type": "WEB",
"url": "http://www.osvdb.org/80307"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/52681"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1026837"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Many XML parsers and validators can be configured to disable external entity expansion.
CAPEC-221: Data Serialization External Entities Blowup
This attack takes advantage of the entity replacement property of certain data serialization languages (e.g., XML, YAML, etc.) where the value of the replacement is a URI. A well-crafted file could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.